Electronic data processing provides the capability to gather, store, analyze, and use vast amounts of data with convenience. For example, electronic business cards have become an accepted and convenient way of gathering and exchanging information such as postal addresses, e-mail addresses, telephone numbers, business qualifications and interests, and so forth. A good discussion of electronic business cards may be found in U.S. Pat. No. 5,732,229, “Method and apparatus for displaying business cards,” to Dickinson.
Parties may exchange business cards directly, for example as described in U.S. Pat. No. 6,175,741 “System and method for enhancing business card services within a cellular network,” to Alperovich. Unfortunately, such a direct-exchange system has a number of disadvantages. One disadvantage is the need to update the business cards sent out earlier, one by one, when information such as an address or a telephone number changes. Such updates may result in a storm of electronic messages, one sent to each recipient of the business card that needs the update. This is especially disadvantageous in a wireless communication system, wherein a user may incur an expense for each message sent or received. Moreover, there is no guarantee that the updates will reach their intended recipients, as the some of the recipients' electronic addresses may have become obsolete.
As a result of these shortcomings, electronic business card systems have been proposed. Someone who desires to use an electronic business card system registers with the system, and sends an electronic business card to a data server that functions as a shared repository for holding electronic business cards submitted by other users. To exchange electronic business cards, the owner of the business card may grant permission to the data server to transfer the business card to selected users of the system in response to requests, and by default to withhold permission to transfer the business card to other users who may be registered with the system but unknown to the owner of the business card. The owner of the business card may, at any time, grant or revoke permission to access the business card, or change its information, by interacting with the data server. This flexibility provides a convenient way to assure that the group of users permitted to access the card and the information carried by the card remain up-to-date.
Unless the mechanism for accessing and changing electronic business cards is controlled and secure, however, registration with an electronic business card system may be akin to leaving a pile of paper business cards about, to be picked up at random by anyone who passes by. Sometimes, the uncontrolled distribution of business cards, either electronic or paper, is desirable, and serves as a form of advertising. In other circumstances, however, allowing open access to an electronic business card may subject its owner to risk. In particular, allowing an unscrupulous person to gain access to an electronic business card may subject the owner of the business card to a barrage of unwanted messages such as advertisements, scams, smut, denial of service attacks, and so on.
Moreover, as electronic business card systems become more widely used, the information carried by electronic business cards becomes more sensitive, and the incentive therefore increases for the unscrupulous to access and misuse the information. For example, an electronic business card may contain credit card or unlisted telephone numbers, account information concerning suppliers or customers, and so forth. Thus there is a need for a method that provides secure access to information held in a shared repository, such as electronic business cards held by a data server of an electronic business card system.